Usage
The ansible-rulebook CLI supports the following options:
usage: ansible-rulebook [-h] [-r RULEBOOK] [-e VARS] [-E ENV_VARS] [-v] [--version] [-S SOURCE_DIR] [-i INVENTORY] [-W WEBSOCKET_URL] [--websocket-ssl-verify WEBSOCKET_SSL_VERIFY]
[--websocket-token-url WEBSOCKET_TOKEN_URL] [--websocket-access-token WEBSOCKET_ACCESS_TOKEN] [--websocket-refresh-token WEBSOCKET_REFRESH_TOKEN]
[--id ID] [-w] [-T PROJECT_TARBALL] [--controller-url CONTROLLER_URL] [--controller-token CONTROLLER_TOKEN] [--controller-ssl-verify CONTROLLER_SSL_VERIFY]
[--print-events] [--heartbeat n] [--execution-strategy sequential|parallel] [--skip-audit-events] [--vault-password-file] [--vault-id] [--ask-vault-pass]
optional arguments:
-h, --help show this help message and exit
-r RULEBOOK, --rulebook RULEBOOK
The rulebook file or rulebook from a collection
-e VARS, --vars VARS Variables file
-E ENV_VARS, --env-vars ENV_VARS
Comma separated list of variables to import from the environment
-v, --verbose Causes ansible-rulebook to print more debug messages. Adding multiple -v will increase the verbosity, the default value is 0. The maximum value is 2. Events debugging might require -vv.
--version Show the version and exit
-S SOURCE_DIR, --source-dir SOURCE_DIR
Source dir
-i INVENTORY, --inventory INVENTORY
Inventory can be a file or a directory
-W WEBSOCKET_URL, --websocket-url WEBSOCKET_URL
Connect the event log to a websocket
--websocket-ssl-verify WEBSOCKET_SSL_VERIFY
How to verify SSL when connecting to the websocket api. yes|no|<path to a CA bundle>, default to yes for wss connection.
Connect the event log to a websocket
--websocket-token-url WEBSOCKET_TOKEN_URL
Fetch a renewed token to authenticate websocket connection
--websocket-access-token WEBSOCKET_ACCESS_TOKEN
Initial token used to authenticate websocket connection
--websocket-refresh-token WEBSOCKET_REFRESH_TOKEN
A token needed to renew an authentication token
--id ID Identifier
-w, --worker Enable worker mode
-T PROJECT_TARBALL, --project-tarball PROJECT_TARBALL
A tarball of the project
--controller-url CONTROLLER_URL
Controller API base url, e.g. https://host1:8080, can also be passed in via env var EDA_CONTROLLER_URL
--controller-token CONTROLLER_TOKEN
Controller API authentication token, can also be passed in via env var EDA_CONTROLLER_TOKEN
--controller-ssl-verify CONTROLLER_SSL_VERIFY
How to verify SSL when connecting to the controller, yes|no|<path to a CA bundle>, default to yes for https connection. Can also be passed via env var EDA_CONTROLLER_SSL_VERIFY
--print-events Print events to stdout, redundant and disabled with -vv
--shutdown-delay Maximum number of seconds to wait after a graceful shutdown is issued, default is 60. Can also be set via an env var called EDA_SHUTDOWN_DELAY. The process will shutdown if all actions complete before this time period
--heartbeat <n> Send heartbeat to the server after every n seconds. Default is 0, no heartbeat is sent
--execution-strategy sequential|parallel. The default execution strategy is sequential.
--skip-audit-events Skip sending audit events to the EDA server, default is false
--vault-password-file A file containing one password to decrypt all vaulted strings. The file can be passed in via env var EDA_VAULT_PASSWORD_FILE
--vault-id [label@]path. The path points to file containing one vault password. Repeat --vault-id for multiple passwords. label is optional for hinting which string is encrypted by this password.
--ask-vault-pass Allow user to type a vault password from the console.
To get help from ansible-rulebook run the following:
ansible-rulebook --help
To check the version of ansible-rulebook run the following:
ansible-rulebook --version
The normal method for running ansible-rulebook is the following:
ansible-rulebook --inventory inventory.yml --rulebook rules.yml --vars vars.yml
Note
The –rulebook option requires the –inventory option. The –vars option is not required.
If you are using custom event source plugins use the following:
ansible-rulebook --inventory inventory.yml --rulebook rules.yml -S sources/
Note
Here sources is a directory containing your event source plugins.
To run ansible-rulebook with worker mode enabled the –worker option can be used. The –id, and –websocket-url options can also be used to expose the event stream data:
ansible-rulebook --rulebook rules.yml --inventory inventory.yml --websocket-url "ws://localhost:8080/api/ws2" --id 1 --worker
Note
The id is the activation_instance id which allows the results to be communicated back to the websocket. The –project-tarball option can also be useful during development.
The -v or -vv options can be added to any of the above commands to increase the logging output.